When must I use HTML entities?

You must use HTML entities for: & in any HTML content (use &), in text content (use < and >), quote characters inside attribute values (use " or '). You should use entities for non-ASCII characters in older HTML (HTML4) but modern HTML5 with UTF-8 encoding can use the actual character directly.

What is a non-breaking space ( )?

A non-breaking space ( , U+00A0) is a space character that prevents line breaks. Where you use instead of a regular space, the browser will not wrap the line at that point. Common uses: between a number and its unit (10 kg), between first and last names where wrapping would look bad, and in table cells that need visible space without collapsing.

Do HTML entities work in emails?

Yes. HTML emails must use HTML entities for special characters just like web pages. & < > " are essential in HTML emails. Many email clients also support named entities like © and ™. Always encode special characters in email HTML — email rendering environments are less forgiving than modern browsers.

What is the difference between < and <?

< is the HTML entity that displays as a literal less-than sign character < in the browser. If you write < directly in HTML source code, the browser interprets it as the start of an HTML tag. Use < when you want to display the character < as visible text rather than as HTML markup.

Do HTML entities work in XML?

XML supports five predefined entities: & (&), < (<), > (>), " ("), and ' ('). XML does not support named entities like © or unless the DTD defines them. For XML, use numeric entities (© for ©) or include the actual UTF-8 character directly.

HTML Entities — Convert Text to HTML Special Codes

What Are HTML Entities?

HTML entities are special codes used to represent characters that have a specific meaning in HTML or cannot be typed directly. They start with an ampersand (&) and end with a semicolon (;). The most important entities are & (&), < (<), > (>), and " (") — these must be escaped when used as content in HTML to avoid being interpreted as markup.

Named vs Numeric HTML Entities

Named entities: & < > © ® ™ — human-readable names. Decimal numeric entities: © for © — uses the decimal Unicode code point. Hexadecimal entities: © for © — uses the hex Unicode code point. All three formats are valid HTML. Named entities are most readable; numeric entities cover any Unicode character.

Common HTML Entities You Need

& = & (ampersand — must always be escaped in HTML). < = < (less than — starts HTML tags, must be escaped). > = > (greater than — ends HTML tags, escape in attributes). " = " (double quote — escape inside attribute values). ' = ' (apostrophe — escape in single-quoted attributes).   = non-breaking space. © = ©. ® = ®. ™ = ™.

The Five Essential HTML Entities

Five characters require HTML entity encoding in all HTML contexts because they have special structural meaning: < (less-than, which begins HTML tags) encodes as <, > (greater-than, which ends HTML tags) as >, & (ampersand, which begins entities themselves) as &, " (double quote in attributes) as ", and ' (single quote in attributes) as ' or '. Failing to encode these five characters when they appear in user-generated content is the root cause of Cross-Site Scripting (XSS) vulnerabilities — one of the most common and serious web security issues.

Named vs Numeric Entities

HTML entities come in two formats. Named entities use descriptive names: © for ©, ™ for ™, € for €, — for —. Numeric entities use decimal (© for ©) or hexadecimal (© for ©) Unicode code point values. Named entities are more readable and memorable but have less complete coverage. Numeric entities can represent any Unicode character. Both formats decode to identical output — the choice between them is a developer preference or style guide decision, not a technical requirement.

HTML Entities vs Unicode Characters

A common question: should you use HTML entities or Unicode characters directly in HTML source? The modern answer: use Unicode characters directly in UTF-8 encoded HTML files, and reserve HTML entities only for the five structural characters that must be encoded. Writing © directly in UTF-8 HTML is equivalent to © — both display identically. The historical reason for using named entities — ASCII-only file encoding that couldn't represent non-ASCII characters — no longer applies to modern web development where UTF-8 is the universal standard.

Entity Encoding for User Content

Web applications that display user-submitted content must HTML-encode all text before displaying it in HTML context. A user who submits the text '<script>alert(1)</script>' as their username should see that exact text displayed on their profile, not have a JavaScript alert execute. Proper HTML encoding transforms the < and > to < and >, rendering the text visible without executing it. This sanitization step is fundamental to web security and must occur at display time rather than storage time — storing pre-encoded text creates double-encoding problems when text is processed by multiple systems.

Special Character Reference for Creators

Common HTML entities useful for content creators: (non-breaking space, prevents line break between words), — (em dash —, for punctuation), – (en dash –, for ranges), … (ellipsis …, three dots as single character), « » (guillemets « », used in French and other European typography), © (copyright ©), ® (registered trademark ®), ™ (trademark ™). These entities ensure these characters display correctly in all HTML contexts without depending on the character being present in the document's encoding.

The Five Critical HTML Entities

HTML has five characters that must always be escaped in content: & (ampersand → &), < (less-than → <), > (greater-than → >), " (double quote → "), and ' (apostrophe → ' or '). Using any of these raw characters in HTML content can break the page: an unescaped & starts what HTML parses as an entity reference, an unescaped < starts what HTML parses as a tag. Web security depends on proper HTML entity encoding — failure to encode user input before inserting it into HTML is the cause of Cross-Site Scripting (XSS) vulnerabilities.

XSS and HTML Entity Encoding Security

Cross-Site Scripting (XSS) is consistently one of the top web security vulnerabilities. The attack works by injecting script content into a web page through input that isn't properly HTML-encoded. If a user types <script>alert('xss')</script> into a comment field and the application renders it as HTML without encoding, the script executes in other users' browsers. Proper HTML entity encoding of all user-provided content before rendering it as HTML prevents this — <script> renders as the visible text rather than executing as a script tag.

Named vs Numeric HTML Entities

HTML entities have two forms: named (& < ©) and numeric (& < ©). Named entities are human-readable and more common in hand-written HTML. Numeric entities work for any Unicode character — even ones without names — using either decimal (€ for €) or hexadecimal (€ for €) notation. For special characters not in the named entity list, numeric entities are the only encoding option. This tool generates both forms, letting you choose based on your context and readability preferences.

Non-Breaking Space ( ) Use Cases

The non-breaking space ( or ) is among the most used HTML entities in professional web development. Unlike a regular space, prevents line breaks between the words it connects, and in certain contexts prevents multiple spaces from collapsing to one. Common uses: keeping a number with its unit together (10 km won't line-break between 10 and km), preventing a title from breaking at an awkward point, adding horizontal spacing in HTML where regular spaces would collapse, and creating indentation in contexts where CSS spacing isn't available.

HTML Entities in Email Templates

Email HTML has stricter encoding requirements than web page HTML because email clients have inconsistent CSS support and different HTML rendering engines than browsers. Characters like em dashes (—), curly quotes ( ' '), ellipses (…), and special mathematical symbols should always be encoded as named or numeric HTML entities in email templates to ensure they render correctly across all email clients. Plain text versions of emails should use ASCII equivalents (-- for —, ... for …). Email developers who understand HTML entities produce more consistently-rendered templates across the Gmail, Outlook, Apple Mail, and other clients that recipients use.

Frequently Asked Questions

Yes. All encoder tools on Fontlix work in both directions. Paste encoded text to decode it, or paste plain text to encode it. Results appear instantly.

Yes. All encoders use standard algorithms and character mappings. Morse code follows International Morse standards, Binary uses standard 8-bit ASCII, Base64 follows RFC 4648.

Yes. Encoded text is standard output that works in any text field, email, document, or system that accepts the encoding format.

This tool encodes standard Latin text characters. Extended Unicode characters use multi-byte representations in some encodings. Results are shown for all input characters that have encodings.

Yes. All encoder and translator tools on Fontlix are completely free with no signup required.

HTML Entities Converter — Encode & Decode

What Are HTML Entities?

Named vs Numeric HTML Entities

Common HTML Entities You Need

The Five Essential HTML Entities

Named vs Numeric Entities

HTML Entities vs Unicode Characters

Entity Encoding for User Content

Special Character Reference for Creators

The Five Critical HTML Entities

XSS and HTML Entity Encoding Security

Named vs Numeric HTML Entities

Non-Breaking Space ( ) Use Cases

HTML Entities in Email Templates

Frequently Asked Questions

🛠 Related Tools